I want to be able to ftp to a linux box behind a firewall linux box from the outside. I need to configure the ftp server and the firewall.
I assume, since the "outside" client is also behind a firewall, I may be using passive mode for the transfer. I am using ipchains and ipmasqadm. I am running an ftp server on the firewall linux box, too. This ftp server on the firewall box is using ports 20 and 21.

In the active transfer mode, it seems straightforward to have the outside client ftp to a special command port, say port 27 instead of 21. I can set up the firewall linux box to send all requests on port 27 to my ftp server behind the firewall to the usual command port. But, here is where I need help. How do I tell the client what the data port is on the server? Does the ftp server send the data port back as a data packet, or does the ftp client assume the data port number is the port on the server making the connection to the client's data port? Could ipmasqadm simply switch outgoing port numbers?

The second question is for passive mode. Here, the ftp server sends back the temporary port to use for data transfers. There is supposed to be a way to restrict which ports are sent back by the server. However, the method suggested is changing an include file and, I suppose, recompiling the ftp daemon. Is there a configuration file which would do this? Could I just edit the binary file, assuming I could find the current port ranges in the binary file? Sounds hard, since it will be numbers, not strings.

Any insights appreciated,
Joel
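An added example, not part of the original post: in FTP (RFC 959) the data endpoint is announced as text on the control connection, in the client's PORT command for active mode and in the server's 227 reply for passive mode, so a masquerading firewall has to rewrite that text and forward the announced port. The sketch below parses both forms and shows the rewrite and port-range check a firewall in front of the inside server would apply; the addresses, the 50000-50100 range and the function names are assumptions made for illustration.

```python
import re

# RFC 959 encodes a data endpoint as six decimal bytes: h1,h2,h3,h4,p1,p2
_HOSTPORT = re.compile(r"\b(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\b")

def parse_endpoint(line):
    """Return (ip, port) from a 'PORT ...' command or a '227 ...' reply."""
    m = _HOSTPORT.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in: %r" % line)
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in: %r" % line)
    # port = p1 * 256 + p2
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def format_endpoint(ip, port):
    """Encode (ip, port) back into the h1,h2,h3,h4,p1,p2 form."""
    return ",".join(ip.split(".") + [str(port >> 8), str(port & 0xFF)])

def rewrite_pasv(reply, public_ip, allowed):
    """Rewrite a 227 reply from the inside server for an outside client:
    swap the private address for the firewall's public one and reject any
    port outside the range the firewall is set up to forward."""
    _private_ip, port = parse_endpoint(reply)
    lo, hi = allowed
    if not lo <= port <= hi:
        raise ValueError("port %d outside forwarded range %d-%d" % (port, lo, hi))
    return "227 Entering Passive Mode (%s)" % format_endpoint(public_ip, port)

# Constructed sample messages (hypothetical addresses, not captured traffic).
ACTIVE_CMD = "PORT 10,0,0,7,4,1"
PASV_REPLY = "227 Entering Passive Mode (192,168,1,10,195,89)"
FORWARDED = (50000, 50100)      # assumed passive range forwarded by the firewall
PUBLIC_IP = "203.0.113.5"       # assumed public address of the firewall

if __name__ == "__main__":
    print(parse_endpoint(ACTIVE_CMD))
    print(parse_endpoint(PASV_REPLY))
    print(rewrite_pasv(PASV_REPLY, PUBLIC_IP, FORWARDED))
```

A reply that announces a port outside the forwarded range raises `ValueError` here, which corresponds to a data connection the firewall would not pass.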
